Configuration for the token exchange request
The JWT Authorization Grant and related metadata
const result = await requestJwtAuthorizationGrant({
tokenEndpoint: 'https://idp.example.com/token',
audience: 'https://auth.chat.example/',
resource: 'https://mcp.chat.example/',
idToken: 'eyJhbGciOiJS...',
clientId: 'my-idp-client',
clientSecret: 'my-idp-secret',
scope: 'chat.read chat.history'
});
// Use result.jwtAuthGrant with the MCP server's authorization server
Requests a JWT Authorization Grant (ID-JAG) from an enterprise IdP using RFC 8693 Token Exchange.
This function performs step 2 of the Enterprise Managed Authorization flow: exchanges an ID Token for a JWT Authorization Grant that can be used with the target MCP server.